socsa

Right, they don’t support the advanced login protocols some providers like outlook require. That was a deal breaker, because deltachat was pretty much the last encrypted messaging service which worked in China.

You could say the same thing about Time Cube

This absolutely expands the threat surface in a few different ways though. It’s relatively low stakes, but it’s non zero. I have not dug into the implementation but I am curious how this doesn’t technically violate forward secrecy. A single session key will ostensibly be used to encrypt the entire session key database? Which means if that key is compromised in transit then the entire key history is compromised. Using the long term secret directly for data in transit is definitely not compliant either.